pt/vundle
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #578 from av3r4ge/plugin-names-security-enhancement

Browse Source 
Prevent insecure plugin names.
This commit is contained in:
Jacobo de Vera 2015-03-21 23:51:26 +01:00
commit cfd3b2d388
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
autoload/vundle/config.vim
View File

@ -97,6 +97,9 @@ funct! s:check_bundle_name(bundle)
\ ' previously used the name "' . a:bundle.name . '"' . \ ' previously used the name "' . a:bundle.name . '"' .
\ '. Skipping Plugin ' . a:bundle.name_spec . '.' \ '. Skipping Plugin ' . a:bundle.name_spec . '.'
return 0 return 0
elseif a:bundle.name !~ '\v^[A-Za-z0-9_-]%(\.?[A-Za-z0-9_-])*$'
echoerr 'Invalid plugin name: ' . a:bundle.name
return 0
endif endif
let s:bundle_names[a:bundle.name] = a:bundle.name_spec let s:bundle_names[a:bundle.name] = a:bundle.name_spec
return 1 return 1
@ -262,7 +265,7 @@ let s:bundle = {}
" return -- the target location to clone this bundle to " return -- the target location to clone this bundle to
" --------------------------------------------------------------------------- " ---------------------------------------------------------------------------
func! s:bundle.path() func! s:bundle.path()
return s:expand_path(g:vundle#bundle_dir.'/'.self.name) return s:expand_path(g:vundle#bundle_dir.'/') . self.name
endf endf